AI Threats Lift Cyber Budgets, Trim Headcount, and Expose US-UK Trust Gap, AXIS Survey Finds

AI-driven cyber threats push spending plans - and expose a sharp trust gap

Executives are pushing budgets up while trimming headcount. In new findings from AXIS Capital Holdings Limited, 81.8% plan to increase cybersecurity spend over the next 12 months, while 75.2% expect to reduce headcount due to productivity gains from AI security tools.

The signal is clear: AI is changing the mix - smarter tooling, leaner teams, faster cycles. Vince Tizzio, AXIS president and CEO, noted that AI is raising efficiency while creating a new class of risks that leadership can't ignore.

Budget reallocation is here

More budget with fewer people means a different operating model. Expect heavier investment in detection engineering, automated response, and identity controls - paired with leaner analyst benches.

That can work, but it needs guardrails: clear success metrics, tight model oversight, and a plan to avoid over-automation that blindsides your team during real incidents.

The threat boardrooms are prioritizing

Across the US and UK, AI-driven attacks ranked as the top emerging threat (25.2%), ahead of identity theft/credential abuse (18.0%) and supply chain compromise (16.6%).

AXIS highlights specific risks: shadow AI, model manipulation, deepfakes and social engineering, data leakage, and advanced ransomware. Lori Bailey, who leads global cyber and technology at AXIS, pointed out the tension between CEO optimism and CISO caution - a useful check-and-balance if you structure it well.

US vs UK: sharply different confidence

• Preparedness: 85% of US leaders feel ready for AI threats vs 44% in the UK.
• Trust in AI tools (CEOs/CISOs): US 82.6% / 83.0% vs UK 49.6% / 37.0%.
• Perceived ROI (CEOs/CISOs): US 93.5% / 87.5% vs UK 69.1% / 74.0%.
• Cyber insurance adoption: US 94.0% vs UK 68.4%.
• Top-threat intensity: AI-driven attacks cited by 29.6% in the UK vs 20.8% in the US.

For multinationals, this gap matters. Controls, training, and incident exercises should reflect local confidence levels and threat perceptions - not just global policy on paper.

CEOs vs CISOs: different risk lens

• CISOs' top AI risk: Shadow AI at 27.2% - unsanctioned tools without guardrails.
• CEOs' top AI risk: Data leakage at 28.7% - exposure through prompts, logs, and integrations.

Translate this into governance: formal approval paths for AI tools, usage policies, data classification tied to prompts, and continuous monitoring of where sensitive data flows.

What to do in the next 12 months

• Tie spend to outcomes: Track time-to-detect, time-to-respond, identity attack coverage, and incident rate by vector. Fund what moves these numbers.
• Fund three pillars: - AI security controls (prompt injection testing, model abuse detection, dataset leakage checks). - Identity-first security (strong auth, least privilege, session protections; see the CISA Cybersecurity Performance Goals). - Vendor risk focused on AI suppliers and model integrations.
• Contain shadow AI: Publish an approved tools list, route usage through secure gateways, apply DLP to prompts and outputs, and block unsanctioned extensions that exfiltrate data.
• Reskill, don't hollow out: If you reduce roles, reinvest in security engineers with AI/ML depth, adversarial testing, and threat intel that tracks AI-enabled campaigns. Role-based upskilling helps - see role-based AI courses.
• Update incident playbooks: Add deepfake fraud response, brand takedown workflows, and ransomware response where AI speeds phishing, lateral movement, and extortion.
• Govern models like products: Apply the NIST AI Risk Management Framework, including model inventories, change control, red-teaming, and post-incident reviews.
• Board reporting: Quarterly AI-risk drills, KPI trendlines, and ROI snapshots that compare automation gains to risk reduction - not just tool adoption counts.

Key numbers at a glance

• Budget: 81.8% plan to increase cyber spend; 75.2% likely to cut headcount tied to AI-driven productivity.
• Top threats: AI-driven attacks (25.2%), identity theft/credential abuse (18.0%), supply chain compromise (16.6%).
• Regional concern about AI attacks: UK 29.6% vs US 20.8%.
• Preparedness: US 85% vs UK 44%.
• Trust in AI tools (CEOs/CISOs): US 82.6% / 83.0% vs UK 49.6% / 37.0%.
• ROI belief (CEOs/CISOs): US 93.5% / 87.5% vs UK 69.1% / 74.0%.
• Cyber insurance adoption: US 94.0% vs UK 68.4%.

About the study

AXIS fielded a 23-question online survey of 500 leaders across the US and UK from Oct 22-29, 2025. The sample included US (138 CEOs, 112 CISOs) and UK (123 CEOs, 127 CISOs) at companies with 250+ employees.